On the applicability of trusted computing in distributed authorization using Web services

Aarthi Nagarajan*, Vijay Varadharajan, Michael Hitchens, Saurabh Arora

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

5 Citations (Scopus)

Abstract

Distributed authorization provides the ability to control access to resources spread over the Internet. Typical authorization systems consider a range of security information like user identities, role identities or even temporal, spatial and contextual information associated with the access requestor. However, the ability to include computing platform related information has been quite limited due to constraints in identification and validation of platforms when distributed. Trusted computing is an exciting technology that can provide new ways to bridge this gap. In this paper, we provide the first steps necessary to achieving distributed authorization using trusted computing platforms. We introduce the notion of a Property Manifest that can be used in the specification of authorization policies. We provide an overview of our authorization architecture, its components and functions. We then illustrate the applicability of our system by implementing it in a Web service oriented architecture.

Original languageEnglish
Title of host publicationData and Applications Security XXII - 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Proceedings
EditorsVijay Atluri
Place of PublicationNew York; Berlin
PublisherSpringer, Springer Nature
Pages222-237
Number of pages16
Volume5094 LNCS
ISBN (Print)354070566X, 9783540705666
DOIs
Publication statusPublished - 2008
Event22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security - London, United Kingdom
Duration: 13 Jul 200816 Jul 2008

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume5094 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security
CountryUnited Kingdom
CityLondon
Period13/07/0816/07/08

Fingerprint

Dive into the research topics of 'On the applicability of trusted computing in distributed authorization using Web services'. Together they form a unique fingerprint.

Cite this